Cody Brocious, a Mozilla dev and security researcher, presented a paper on a vulnerability in hotel-door locks last month at Black Hat. Many electronic hotel door locks made by Onity have a small DC power port on their underside that also carries data. Brocious showed that if he plugs an Arduino into this port, reads out the 24-bit number held there, and re-transmits it to the lock, an appreciable fraction of the locks (but not all of them) spring open.
Testing a standard Onity lock he ordered online, he’s able to easily bypass the card reader and trigger the opening mechanism every time. But on three Onity locks installed on real hotel doors he and I tested at well-known independent and franchise hotels in New York, results were much more mixed: Only one of the three opened, and even that one only worked on the second try, with Brocious taking a break to tweak his software between tests.
Even with an unreliable method, however, Brocious’s work–and his ability to open one out of the three doors we tested without a key–suggests real flaws in Onity’s security architecture. And Brocious says he plans to release all his research in a paper as well as source code through his website following his talk, potentially enabling others to perfect his methods.
Brocious’s exploit works by spoofing a portable programming device that hotel staff use to control a facility’s locks and set which master keys open which doors. The portable programmer, which plugs into the DC port under the locks, can also open any door, even providing power through that port to trigger the mechanism of a door lock in which the battery has run out.
Hacker Will Expose Potential Security Flaw In Four Million Hotel Room Keycard Locks